5a49f5662baf895a23a8c633bd7d012f | Triage

Sharing

General

Target

5a49f5662baf895a23a8c633bd7d012f
Size

22KB
MD5

5a49f5662baf895a23a8c633bd7d012f
SHA1

d001489d68cbad90783227ccf26e31fa0d3d62ce
SHA256

6e1000bcfd444bbb0c68302da4954c752b56e5da66fe5c9c598b62f2765295db
SHA512

80a6b23b13a6ccc1ba9761386417250cf661126f62d961ec98285eeb720305a9325634e3e40921699225873bcef98989c9ddb01638e6f05cd9713aca58f75c16
SSDEEP

384:M5lnZJfH5NnCd4wezxLFFUvwl57goRhdqe8h6fQYnoTwybqEImQKKXFqnP:i3fTCd4wezJP3l5Eo/dKh6VGq5LKKX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a49f5662baf895a23a8c633bd7d012f

Files

5a49f5662baf895a23a8c633bd7d012f
.exe windows:4 windows x86 arch:x86

c0b12ce857fbdf9183f9b1de2e903f36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
GetProcAddress
LoadLibraryA
VirtualProtectEx
CreateProcessA
GetCommandLineA
SetThreadContext
GetThreadContext
ResumeThread

user32

GetDC

gdi32

SetTextColor
GetTextColor

Sections

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE